Hi, > About a week ago, I discovered hundreds of "mail delivery failure" > messages in my inbox. Investigation revealed that they were all for > SPAM e-mails that I did not send. I am guessing that this means one > of two things: > > (1) Someone discovered my password somehow, logged into my ISP > account as me, and sent out a bunch of SPAM. > > Or > > (2) Someone sent out a bunch of SPAM, spoofing my e-mail address > as the sender, and the delivery failures came to me. > > How can I tell which is the case, and if it's (2), is there anything > I can do to defend myself against this sort of thing in the future? You could check the header of one email you know you send and one of the others. I guess what you are getting is simple backscatter spam like in (2) you described.
> > (I do know enough not to respond in any way to the almost-daily phishing > attacks that try to get me to supply my userid and password. I have > never responded to any of them.) > > I am running Debian stretch; but of course I realize that this question > is not, strictly speaking, a Debian question; so I have marked it > off-topic. But I suspect that it is of interest to users of this list, > since this list is accessed via e-mail. >
signature.asc
Description: OpenPGP digital signature
